Deterministic ω-automata for LTL: A safraless, compositional, and mechanically verified construction
Size: px
Start display at page:

Download "Deterministic ω-automata for LTL: A safraless, compositional, and mechanically verified construction"

Transcription

1 Deterministic ω-automata for LTL: A safraless, compositional, and mechanically verified construction Javier Esparza 1 Jan Křetínský 2 Salomon Sickert 1 1 Fakultät für Informatik, Technische Universität München, Germany 2 IST Austria May 11, 2015 Salomon Sickert (TU München) 1 / 16

2 Deterministic ω-automata for LTL: A safraless, compositional, and mechanically verified construction Salomon Sickert (TU München) 2 / 16

3 Deterministic ω-automata for LTL: A safraless, compositional, and mechanically verified construction Salomon Sickert (TU München) 3 / 16

4 Deterministic ω-automata for LTL: A safraless, compositional, and mechanically verified construction System with stochasticity and non-determinism expressed as a Markov decision process M Linear time property expressed as an LTL formula ϕ Non-deterministic Büchi automaton B Product M R to be analysed Deterministic Rabin automaton R Salomon Sickert (TU München) 3 / 16

5 Deterministic ω-automata for LTL: A safraless, compositional, and mechanically verified construction System with stochasticity and non-determinism expressed as a Markov decision process M Linear time property expressed as an LTL formula ϕ Non-deterministic Büchi automaton B Safra Product M R to be analysed Deterministic Rabin automaton R Salomon Sickert (TU München) 3 / 16

6 Deterministic ω-automata for LTL: A safraless, compositional, and mechanically verified construction System with stochasticity and non-determinism expressed as a Markov decision process M Linear time property expressed as an LTL formula ϕ Product M R to be analysed Deterministic (transition-based) Generalised Rabin automaton R Salomon Sickert (TU München) 4 / 16

7 Deterministic ω-automata for LTL: A safraless, compositional, and mechanically verified construction Salomon Sickert (TU München) 5 / 16

8 Deterministic ω-automata for LTL: A safraless, compositional, and mechanically verified construction Directly yields a deterministic system Salomon Sickert (TU München) 5 / 16

9 Deterministic ω-automata for LTL: A safraless, compositional, and mechanically verified construction Directly yields a deterministic system Product of several automata Salomon Sickert (TU München) 5 / 16

10 Deterministic ω-automata for LTL: A safraless, compositional, and mechanically verified construction Directly yields a deterministic system Product of several automata Logical structure of the input formula is preserved e.g.: Which G-subformulae are eventually true? Salomon Sickert (TU München) 5 / 16

11 Deterministic ω-automata for LTL: A safraless, compositional, and mechanically verified construction Directly yields a deterministic system Product of several automata Logical structure of the input formula is preserved e.g.: Which G-subformulae are eventually true? Smaller Systems 1 1 In most cases according to our experimental data; compared to the standard approach Salomon Sickert (TU München) 5 / 16

12 Deterministic ω-automata for LTL: A safraless, compositional, and mechanically verified construction Directly yields a deterministic system Product of several automata Logical structure of the input formula is preserved e.g.: Which G-subformulae are eventually true? Smaller Systems 1 Bonus: Construction and correctness theorem verified in Isabelle/HOL 1 In most cases according to our experimental data; compared to the standard approach Salomon Sickert (TU München) 5 / 16

13 Deterministic ω-automata for LTL: A safraless, compositional, and mechanically verified construction Directly yields a deterministic system Product of several automata Logical structure of the input formula is preserved e.g.: Which G-subformulae are eventually true? Smaller Systems 1 Bonus: Construction and correctness theorem verified in Isabelle/HOL with code extraction 50% done 1 In most cases according to our experimental data; compared to the standard approach Salomon Sickert (TU München) 5 / 16

14 Experimental Data i {1,...,n} GFa i GFb i NBA DRA DTGRA LTL2BA ltl2dstar Rabinizer 3 n = 1 4 n = 2 14 n = 3 40 Salomon Sickert (TU München) 6 / 16

15 Experimental Data i {1,...,n} GFa i GFb i NBA DRA DTGRA LTL2BA ltl2dstar Rabinizer 3 n = n = 2 14 > 10 4 n = 3 40 > 10 6 Salomon Sickert (TU München) 6 / 16

16 Experimental Data i {1,...,n} GFa i GFb i NBA DRA DTGRA LTL2BA ltl2dstar Rabinizer 3 n = n = 2 14 > n = 3 40 > Salomon Sickert (TU München) 6 / 16

17 ω-words and LTL An ω-word is an infinite sequence: w = a 0 a 1 a 2 a Salomon Sickert (TU München) 7 / 16

18 ω-words and LTL An ω-word is an infinite sequence: w = a 0 a 1 a 2 a Definition (LTL Semantics, Negation-Normal-Form) :: α set word α ltl B w tt = True w ff = False w a = a w 0 w a = a w 0 w ϕ ψ = w ϕ w ψ w ϕ ψ = w ϕ w ψ Salomon Sickert (TU München) 7 / 16

19 ω-words and LTL An ω-word is an infinite sequence: w = a 0 a 1 a 2 a Definition (LTL Semantics, Negation-Normal-Form) :: α set word α ltl B w tt = True w ff = False w a = a w 0 w a = a w 0 w ϕ ψ = w ϕ w ψ w ϕ ψ = w ϕ w ψ w Fϕ = k. w k ϕ w Gϕ = k. w k ϕ w ψuϕ = k. w k ϕ j < k. w j ψ w Xϕ = w 1 ϕ Salomon Sickert (TU München) 7 / 16

20 ω-words and LTL An ω-word is an infinite sequence: w = a 0 a 1 a 2 a Definition (LTL Semantics, Negation-Normal-Form) :: α set word α ltl B w tt = True w ff = False w a = a w 0 w a = a w 0 w ϕ ψ = w ϕ w ψ w ϕ ψ = w ϕ w ψ w Fϕ = k. w k ϕ w Gϕ = k. w k ϕ w ψuϕ = k. w k ϕ j < k. w j ψ w Xϕ = w 1 ϕ Salomon Sickert (TU München) 7 / 16

21 ω-words and LTL An ω-word is an infinite sequence: w = a 0 a 1 a 2 a Definition (LTL Semantics, Negation-Normal-Form) :: α set word α ltl B w tt = True w ff = False w a = a w 0 w a = a w 0 w ϕ ψ = w ϕ w ψ w ϕ ψ = w ϕ w ψ w Fϕ = k. w k ϕ w Gϕ = k. w k ϕ w ψuϕ = k. w k ϕ j < k. w j ψ w Xϕ = w 1 ϕ Salomon Sickert (TU München) 7 / 16

22 Unfolding Modal Operators Fϕ XFϕ ϕ Gϕ XGϕ ϕ ψuϕ ϕ (ψ X(ψUϕ)) Salomon Sickert (TU München) 8 / 16

23 Co-Büchi Automata for G-free ϕ ϕ = a (b U c) Salomon Sickert (TU München) 9 / 16

24 Co-Büchi Automata for G-free ϕ ϕ ϕ = a (b U c) Salomon Sickert (TU München) 9 / 16

25 Co-Büchi Automata for G-free ϕ ϕ = a (b U c) ϕ a c (b X(bUc)) Salomon Sickert (TU München) 9 / 16

26 Co-Büchi Automata for G-free ϕ ϕ = a (b U c) ϕ a c (b X(bUc)) āb c buc Salomon Sickert (TU München) 9 / 16

27 Co-Büchi Automata for G-free ϕ ϕ = a (b U c) ϕ a c (b X(bUc)) āb c buc q 1 : a (b U c) āb c a + āc q 2 : b U c c b c b c ā b c true q 3 : tt q 4 : ff true Salomon Sickert (TU München) 9 / 16

28 Tackling the G-Operator Relaxed case: FGϕ w = FGϕ iff w i = ϕ for almost all i Reason: G-subformulae may be nested inside X, F, U. Salomon Sickert (TU München) 10 / 16

29 Automata for FGϕ where ϕ is G-free w =... a + āc āb c ā b c c q 2 b c b c q 3 q 4 Salomon Sickert (TU München) 11 / 16

30 Automata for FGϕ where ϕ is G-free w = abc... q 1 a + āc āb c q 2 c b c b c ā b c q 4 Salomon Sickert (TU München) 11 / 16

31 Automata for FGϕ where ϕ is G-free w = abc... q 1 a + āc āb c ā b c a + āc āb c ā b c c q 2 b c b c c q 2 b c b c q 4 q 3 q 4 Salomon Sickert (TU München) 11 / 16

32 Automata for FGϕ where ϕ is G-free w = abc āb c... q 1 q 1 a + āc āb c ā b c a + āc q 2 b c c b c āb c c b c b c ā b c a + āc āb c ā b c q 2 b c c b c q 4 q 3 q 4 q 3 q 4 Salomon Sickert (TU München) 11 / 16

33 Automata for FGϕ where ϕ is G-free w = abc āb c āb c... q 1 q 1 q 1 a + āc āb c ā b c a + āc q 2 b c c b c āb c c b c ā b c a + āc b c āb c c b c b c ā b c a + āc āb c ā b c q 2 b c c b c q 4 q 3 q 4 q 3 q 4 q 3 q 4 Salomon Sickert (TU München) 11 / 16

34 Automata for FGϕ where ϕ is G-free w = abc āb c āb c... q 1 q 1 q 1 a + āc āb c ā b c a + āc q 2 b c c b c āb c c b c ā b c a + āc b c āb c c b c b c ā b c a + āc āb c ā b c q 2 b c c b c q 4 q 3 q 4 q 3 q 4 q 3 q 4 3 a + āc 0 āb c 1, 2 c b c ā b c b c Salomon Sickert (TU München) 11 / 16

35 Mojmir Automata 3 α 2 α 1 α 3 1, 2 β 2 β 3 β 1 Σ 0 Σ Salomon Sickert (TU München) 12 / 16

36 Mojmir Automata 3 α 2 α 1 α 3 1, 2 β 2 β 3 β 1 Σ 0 Σ In every step a new token is placed in the initial state and all other tokens are moved according to the transition function. Salomon Sickert (TU München) 12 / 16

37 Mojmir Automata 3 α 2 α 1 α 3 1, 2 β 2 β 3 β 1 Σ 0 Σ In every step a new token is placed in the initial state and all other tokens are moved according to the transition function. Deterministic Salomon Sickert (TU München) 12 / 16

38 Mojmir Automata 3 α 2 α 1 α 3 1, 2 β 2 β 3 β 1 Σ 0 Σ In every step a new token is placed in the initial state and all other tokens are moved according to the transition function. Deterministic Accepts an ω-word w iff almost all tokens reach the final states Salomon Sickert (TU München) 12 / 16

39 Mojmir Automata 3 α 2 α 1 α 3 1, 2 β 2 β 3 β 1 Σ 0 Σ In every step a new token is placed in the initial state and all other tokens are moved according to the transition function. Deterministic Accepts an ω-word w iff almost all tokens reach the final states Mojmir automata are blind to events that only happen finitely often Salomon Sickert (TU München) 12 / 16

40 Mojmir Automata 3 α 2 α 1 α 3 1, 2 β 2 β 3 β 1 Σ 0 Σ In every step a new token is placed in the initial state and all other tokens are moved according to the transition function. Deterministic Accepts an ω-word w iff almost all tokens reach the final states Mojmir automata are blind to events that only happen finitely often Salomon Sickert (TU München) 12 / 16

41 Going Further From Mojmir to Rabin Automata Salomon Sickert (TU München) 13 / 16

42 Going Further From Mojmir to Rabin Automata Unbounded number of tokens? Salomon Sickert (TU München) 13 / 16

43 Going Further From Mojmir to Rabin Automata Unbounded number of tokens? Abstraction with ranking functions for states and tokens Salomon Sickert (TU München) 13 / 16

44 Going Further From Mojmir to Rabin Automata Unbounded number of tokens? Abstraction with ranking functions for states and tokens Mojmir acceptance ( ) vs. Rabin acceptance (finite, )? Salomon Sickert (TU München) 13 / 16

45 Going Further From Mojmir to Rabin Automata Unbounded number of tokens? Abstraction with ranking functions for states and tokens Mojmir acceptance ( ) vs. Rabin acceptance (finite, )? Alternative definition for Mojmir acceptance Salomon Sickert (TU München) 13 / 16

46 Going Further From Mojmir to Rabin Automata Unbounded number of tokens? Abstraction with ranking functions for states and tokens Mojmir acceptance ( ) vs. Rabin acceptance (finite, )? Alternative definition for Mojmir acceptance Mojmir Automata for FGϕ for arbitrary ϕ Salomon Sickert (TU München) 13 / 16

47 Going Further From Mojmir to Rabin Automata Unbounded number of tokens? Abstraction with ranking functions for states and tokens Mojmir acceptance ( ) vs. Rabin acceptance (finite, )? Alternative definition for Mojmir acceptance Mojmir Automata for FGϕ for arbitrary ϕ Divide-and-conquer approach Construct for every G-subformula a separate automaton Instead of expanding G s rely on the other automata Intersection and Union of several Mojmir Automata Salomon Sickert (TU München) 13 / 16

48 Overview of the Construction Master-Transition-System LTL G-subformulae Product Generalised Rabin Mojmir Rabin Salomon Sickert (TU München) 14 / 16

49 Overview of the Construction Master-Transition-System LTL G-subformulae Product Generalised Rabin Mojmir Rabin The Master-Transition-System tracks a finite prefix of the ω-word. Salomon Sickert (TU München) 14 / 16

50 Overview of the Construction Master-Transition-System LTL G-subformulae Product Generalised Rabin Mojmir Rabin The Master-Transition-System tracks a finite prefix of the ω-word. Acceptance: 1 Guess the set of eventually true G-subformulae 2 Verify this guess using the Mojmir automata 3 Accept iff almost all the time this guess entails the current state of the master-transition-system Salomon Sickert (TU München) 14 / 16

51 Conclusion and Future Work The presented translation... preservers the logical structure of the formula is compositional Aggressive optimization can lead to huge space savings Some optimizations are already verified yields small deterministic ω-automata Salomon Sickert (TU München) 15 / 16

52 Conclusion and Future Work The presented translation... preservers the logical structure of the formula is compositional Aggressive optimization can lead to huge space savings Some optimizations are already verified yields small deterministic ω-automata Open Problems: Explore and formalize further optimizations Adapt construction to support: Alternation-free linear-time µ-calculus (contains LTL) Parity automata Salomon Sickert (TU München) 15 / 16

53 Getting More Information Javier Esparza, Jan Kretínský: From LTL to Deterministic Automata: A Safraless Compositional Approach. CAV 2014: pages From LTL to Deterministic Automata: A Safraless Compositional Approach Javier Esparza and Jan Křetínský p 2014 Institut für Informatik, Technische Universität München, Germany IST Austria Salomon Sickert (TU München) 16 / 16 Abstract. We present a new algorithm to construct a (generalized) deterministic Rabin automaton for an LTL formula ϕ. The automaton is

54 Getting More Information Javier Esparza, Jan Kretínský: From LTL to Deterministic Automata: A Safraless Compositional Approach. CAV 2014: pages Isabelle/HOL Formalisation To be submitted to the Archive of Formal Proofs - afp.sourceforge.net Available on request: sickert@in.tum.de From LTL to Deterministic Automata: A Safraless Compositional Approach Javier Esparza and Jan Křetínský p 2014 Institut für Informatik, Technische Universität München, Germany IST Austria Salomon Sickert (TU München) 16 / 16 Abstract. We present a new algorithm to construct a (generalized) deterministic Rabin automaton for an LTL formula ϕ. The automaton is

55 Getting More Information Javier Esparza, Jan Kretínský: From LTL to Deterministic Automata: A Safraless Compositional Approach. CAV 2014: pages Isabelle/HOL Formalisation To be submitted to the Archive of Formal Proofs - afp.sourceforge.net Available on request: sickert@in.tum.de Thank you for your attention! From LTL to Deterministic Automata: A Safraless Compositional Approach Javier Esparza and Jan Křetínský p 2014 Institut für Informatik, Technische Universität München, Germany IST Austria Salomon Sickert (TU München) 16 / 16 Abstract. We present a new algorithm to construct a (generalized) deterministic Rabin automaton for an LTL formula ϕ. The automaton is

Similar documents

Limit-Deterministic Büchi Automata for Linear Temporal Logic

Limit-Deterministic Büchi Automata for Linear Temporal Logic Limit-Deterministic Büchi Automata for Linear Temporal Logic Salomon Sickert, Javier Esparza, Stefan Jaax, and Jan Křetínský Technische Universität München Abstract. Limit-deterministic Büchi automata

More information

Comparison of LTL to Deterministic Rabin Automata Translators

Comparison of LTL to Deterministic Rabin Automata Translators Comparison of LTL to Deterministic Rabin Automata Translators František Blahoudek, Mojmír Křetínský, and Jan Strejček Faculty of Informatics, Masaryk University, Brno, Czech Republic {xblahoud, kretinsky,

More information

Effective Translation of LTL to Deterministic Rabin Automata: Beyond the (F,G)-Fragment

Effective Translation of LTL to Deterministic Rabin Automata: Beyond the (F,G)-Fragment Effective Translation of LTL to Deterministic Rabin Automata: Beyond the (F,G)-Fragment Tomáš Babiak, František Blahoudek, Mojmír Křetínský, and Jan Strejček Faculty of Informatics, Masaryk University,

More information

One Theorem to Rule Them All: A Unified Translation of LTL into ω-automata

One Theorem to Rule Them All: A Unified Translation of LTL into ω-automata Abstract One Theorem to Rule Them All: A Unified Translation of LTL into ω-automata Javier Esparza esparza@in.tum.de Technische Universität München Germany We present a unified translation of LTL formulas

More information

Automata on Infinite words and LTL Model Checking

Automata on Infinite words and LTL Model Checking Automata on Infinite words and LTL Model Checking Rodica Condurache Lecture 4 Lecture 4 Automata on Infinite words and LTL Model Checking 1 / 35 Labeled Transition Systems Let AP be the (finite) set of

More information

The theory of regular cost functions.

The theory of regular cost functions. The theory of regular cost functions. Denis Kuperberg PhD under supervision of Thomas Colcombet Hebrew University of Jerusalem ERC Workshop on Quantitative Formal Methods Jerusalem, 10-05-2013 1 / 30 Introduction

More information

Optimal Translation of LTL to Limit Deterministic Automata

Optimal Translation of LTL to Limit Deterministic Automata Optimal Translation of LTL to Limit Deterministic Automata Dileep Kini and Mahesh Viswanathan University of Illinois at Urbana-Champaign, Department of Computer Science Abstract. A crucial step in model

More information

CS256/Spring 2008 Lecture #11 Zohar Manna. Beyond Temporal Logics

CS256/Spring 2008 Lecture #11 Zohar Manna. Beyond Temporal Logics CS256/Spring 2008 Lecture #11 Zohar Manna Beyond Temporal Logics Temporal logic expresses properties of infinite sequences of states, but there are interesting properties that cannot be expressed, e.g.,

More information

Büchi Automata and Linear Temporal Logic

Büchi Automata and Linear Temporal Logic Büchi Automata and Linear Temporal Logic Joshua D. Guttman Worcester Polytechnic Institute 18 February 2010 Guttman ( WPI ) Büchi & LTL 18 Feb 10 1 / 10 Büchi Automata Definition A Büchi automaton is a

More information

ω-automata Automata that accept (or reject) words of infinite length. Languages of infinite words appear:

ω-automata Automata that accept (or reject) words of infinite length. Languages of infinite words appear: ω-automata ω-automata Automata that accept (or reject) words of infinite length. Languages of infinite words appear: in verification, as encodings of non-terminating executions of a program. in arithmetic,

More information

Temporal Logic. M φ. Outline. Why not standard logic? What is temporal logic? LTL CTL* CTL Fairness. Ralf Huuck. Kripke Structure

Temporal Logic. M φ. Outline. Why not standard logic? What is temporal logic? LTL CTL* CTL Fairness. Ralf Huuck. Kripke Structure Outline Temporal Logic Ralf Huuck Why not standard logic? What is temporal logic? LTL CTL* CTL Fairness Model Checking Problem model, program? M φ satisfies, Implements, refines property, specification

More information

Impartial Anticipation in Runtime-Verification

Impartial Anticipation in Runtime-Verification Impartial Anticipation in Runtime-Verification Wei Dong 1, Martin Leucker 2, and Christian Schallhart 2 1 School of Computer, National University of Defense Technology, P.R.China 2 Institut für Informatik,

More information

Computation Tree Logic (CTL) & Basic Model Checking Algorithms

Computation Tree Logic (CTL) & Basic Model Checking Algorithms Computation Tree Logic (CTL) & Basic Model Checking Algorithms Martin Fränzle Carl von Ossietzky Universität Dpt. of Computing Science Res. Grp. Hybride Systeme Oldenburg, Germany 02917: CTL & Model Checking

More information

Fast LTL to Büchi Automata Translation

Fast LTL to Büchi Automata Translation (LTL2BA) April 19, 2013 (LTL2BA) Table of contents 1 (LTL2BA) 2 Alternating Formula Improvements in LTL to VWAA Translation Improvements in VWAA to TGBA Translation Optimization of BA 3 (LTL2BA) (LTL2BA)

More information

Comparing LTL Semantics for Runtime Verification

Comparing LTL Semantics for Runtime Verification Comparing LTL Semantics for Runtime Verification Andreas Bauer 1, Martin Leucker 2, and Christian Schallhart 2 1 National ICT Australia (NICTA) 2 Institut für Informatik, Technische Universität München

More information

Chapter 3: Linear temporal logic

Chapter 3: Linear temporal logic INFOF412 Formal verification of computer systems Chapter 3: Linear temporal logic Mickael Randour Formal Methods and Verification group Computer Science Department, ULB March 2017 1 LTL: a specification

More information

Automata-based Verification - III

Automata-based Verification - III COMP30172: Advanced Algorithms Automata-based Verification - III Howard Barringer Room KB2.20: email: howard.barringer@manchester.ac.uk March 2009 Third Topic Infinite Word Automata Motivation Büchi Automata

More information

Almost Linear Büchi Automata

Almost Linear Büchi Automata Almost Linear Büchi Automata Tomáš Babiak Vojtěch Řehák Jan Strejček Faculty of Informatics Masaryk University Brno, Czech Republic {xbabiak, rehak, strejcek}@fi.muni.cz We introduce a new fragment of

More information

Deciding the weak definability of Büchi definable tree languages

Deciding the weak definability of Büchi definable tree languages Deciding the weak definability of Büchi definable tree languages Thomas Colcombet 1,DenisKuperberg 1, Christof Löding 2, Michael Vanden Boom 3 1 CNRS and LIAFA, Université Paris Diderot, France 2 Informatik

More information

An On-the-fly Tableau Construction for a Real-Time Temporal Logic

An On-the-fly Tableau Construction for a Real-Time Temporal Logic #! & F $ F ' F " F % An On-the-fly Tableau Construction for a Real-Time Temporal Logic Marc Geilen and Dennis Dams Faculty of Electrical Engineering, Eindhoven University of Technology P.O.Box 513, 5600

More information

Reasoning about Time and Reliability

Reasoning about Time and Reliability Reasoning about Time and Reliability Probabilistic CTL model checking Daniel Bruns Institut für theoretische Informatik Universität Karlsruhe 13. Juli 2007 Seminar Theorie und Anwendung von Model Checking

More information

A Symbolic Approach to Safety LTL Synthesis

A Symbolic Approach to Safety LTL Synthesis A Symbolic Approach to Safety LTL Synthesis Shufang Zhu 1 Lucas M. Tabajara 2 Jianwen Li Geguang Pu 1 Moshe Y. Vardi 2 1 East China Normal University 2 Rice Lucas M. Tabajara (Rice University) 2 University

More information

Decision Procedures for CTL

Decision Procedures for CTL Decision Procedures for CTL Oliver Friedmann and Markus Latte Dept. of Computer Science, University of Munich, Germany Abstract. We give an overview over three serious attempts to devise an effective decision

More information

Automata, Logic and Games: Theory and Application

Automata, Logic and Games: Theory and Application Automata, Logic and Games: Theory and Application 2 Parity Games, Tree Automata, and S2S Luke Ong University of Oxford TACL Summer School University of Salerno, 14-19 June 2015 Luke Ong S2S 14-19 June

More information

Automata-based Verification - III

Automata-based Verification - III CS3172: Advanced Algorithms Automata-based Verification - III Howard Barringer Room KB2.20/22: email: howard.barringer@manchester.ac.uk March 2005 Third Topic Infinite Word Automata Motivation Büchi Automata

More information

Logic Model Checking

Logic Model Checking Logic Model Checking Lecture Notes 10:18 Caltech 101b.2 January-March 2004 Course Text: The Spin Model Checker: Primer and Reference Manual Addison-Wesley 2003, ISBN 0-321-22862-6, 608 pgs. the assignment

More information

Computer-Aided Program Design

Computer-Aided Program Design Computer-Aided Program Design Spring 2015, Rice University Unit 3 Swarat Chaudhuri February 5, 2015 Temporal logic Propositional logic is a good language for describing properties of program states. However,

More information

Automata and Reactive Systems

Automata and Reactive Systems Automata and Reactive Systems Lecture WS 2002/2003 Prof. Dr. W. Thomas RWTH Aachen Preliminary version (Last change March 20, 2003) Translated and revised by S. N. Cho and S. Wöhrle German version by M.

More information

Automata-Theoretic Verification

Automata-Theoretic Verification Automata-Theoretic Verification Javier Esparza TU München Orna Kupferman The Hebrew University Moshe Y. Vardi Rice University 1 Introduction This chapter describes the automata-theoretic approach to the

More information

Theoretical Foundations of the UML

Theoretical Foundations of the UML Theoretical Foundations of the UML Lecture 17+18: A Logic for MSCs Joost-Pieter Katoen Lehrstuhl für Informatik 2 Software Modeling and Verification Group moves.rwth-aachen.de/teaching/ws-1718/fuml/ 5.

More information

PSL Model Checking and Run-time Verification via Testers

PSL Model Checking and Run-time Verification via Testers PSL Model Checking and Run-time Verification via Testers Formal Methods 2006 Aleksandr Zaks and Amir Pnueli New York University Introduction Motivation (Why PSL?) A new property specification language,

More information

From Liveness to Promptness

From Liveness to Promptness From Liveness to Promptness Orna Kupferman Hebrew University Nir Piterman EPFL Moshe Y. Vardi Rice University Abstract Liveness temporal properties state that something good eventually happens, e.g., every

More information

Automaten und Formale Sprachen Automata and Formal Languages

Automaten und Formale Sprachen Automata and Formal Languages WS 2014/15 Automaten und Formale Sprachen Automata and Formal Languages Ernst W. Mayr Fakultät für Informatik TU München http://www14.in.tum.de/lehre/2014ws/afs/ Wintersemester 2014/15 AFS Chapter 0 Organizational

More information

Temporal logics and explicit-state model checking. Pierre Wolper Université de Liège

Temporal logics and explicit-state model checking. Pierre Wolper Université de Liège Temporal logics and explicit-state model checking Pierre Wolper Université de Liège 1 Topics to be covered Introducing explicit-state model checking Finite automata on infinite words Temporal Logics and

More information

Automata, Logic and Games. C.-H. L. Ong

Automata, Logic and Games. C.-H. L. Ong Automata, Logic and Games C.-H. L. Ong March 6, 2013 2 Contents 0 Automata, Logic and Games 1 0.1 Aims and Prerequisites............................... 1 0.2 Motivation.....................................

More information

Linear-Time Logic. Hao Zheng

Linear-Time Logic. Hao Zheng Linear-Time Logic Hao Zheng Department of Computer Science and Engineering University of South Florida Tampa, FL 33620 Email: zheng@cse.usf.edu Phone: (813)974-4757 Fax: (813)974-5456 Hao Zheng (CSE, USF)

More information

Modal and Temporal Logics

Modal and Temporal Logics Modal and Temporal Logics Colin Stirling School of Informatics University of Edinburgh July 23, 2003 Why modal and temporal logics? 1 Computational System Modal and temporal logics Operational semantics

More information

Languages, logics and automata

Languages, logics and automata Languages, logics and automata Anca Muscholl LaBRI, Bordeaux, France EWM summer school, Leiden 2011 1 / 89 Before all that.. Sonia Kowalewskaya Emmy Noether Julia Robinson All this attention has been gratifying

More information

Lecture Notes on Emptiness Checking, LTL Büchi Automata

Lecture Notes on Emptiness Checking, LTL Büchi Automata 15-414: Bug Catching: Automated Program Verification Lecture Notes on Emptiness Checking, LTL Büchi Automata Matt Fredrikson André Platzer Carnegie Mellon University Lecture 18 1 Introduction We ve seen

More information

Linear Temporal Logic and Büchi Automata

Linear Temporal Logic and Büchi Automata Linear Temporal Logic and Büchi Automata Yih-Kuen Tsay Department of Information Management National Taiwan University FLOLAC 2009 Yih-Kuen Tsay (SVVRL @ IM.NTU) Linear Temporal Logic and Büchi Automata

More information

Efficient Model Checking of Safety Properties

Efficient Model Checking of Safety Properties Efficient Model Checking of Safety Properties Timo Latvala timo.latvala@hut.fi Laboratory for Theoretical Computer Science Helsinki University of Technology Finland Spin 2003 p.1/16 Introduction Safety

More information

Minimising Deterministic Büchi Automata Precisely using SAT Solving

Minimising Deterministic Büchi Automata Precisely using SAT Solving Minimising Deterministic Büchi Automata Precisely using SAT Solving Rüdiger Ehlers Saarland University, Reactive Systems Group SAT 2010 July 14, 2010 Rüdiger Ehlers (SB) DBA Minimization SAT 2010 July

More information

Infinite Games. Sumit Nain. 28 January Slides Credit: Barbara Jobstmann (CNRS/Verimag) Department of Computer Science Rice University

Infinite Games. Sumit Nain. 28 January Slides Credit: Barbara Jobstmann (CNRS/Verimag) Department of Computer Science Rice University Infinite Games Sumit Nain Department of Computer Science Rice University 28 January 2013 Slides Credit: Barbara Jobstmann (CNRS/Verimag) Motivation Abstract games are of fundamental importance in mathematics

More information

Controller synthesis for MDPs and Frequency LTL \GU

Controller synthesis for MDPs and Frequency LTL \GU Controller synthesis for MDPs and Frequency LTL \GU Vojtěch Forejt 1, Jan Krčál 2, and Jan Křetínský 3 1 Department of Computer Science, University of Oxford, UK 2 Saarland University Computer Science,

More information

Timo Latvala. March 7, 2004

Timo Latvala. March 7, 2004 Reactive Systems: Safety, Liveness, and Fairness Timo Latvala March 7, 2004 Reactive Systems: Safety, Liveness, and Fairness 14-1 Safety Safety properties are a very useful subclass of specifications.

More information

Efficient Model Checking of Safety Properties

Efficient Model Checking of Safety Properties Efficient Model Checking of Safety Properties Timo Latvala Laboratory for Theoretical Computer Science Helsinki University of Technology P.O. Box 9205 FIN-02015 HUT Finland Timo.Latvala@hut.fi Abstract.

More information

Alan Bundy. Automated Reasoning LTL Model Checking

Alan Bundy. Automated Reasoning LTL Model Checking Automated Reasoning LTL Model Checking Alan Bundy Lecture 9, page 1 Introduction So far we have looked at theorem proving Powerful, especially where good sets of rewrite rules or decision procedures have

More information

Homework 2: Temporal logic

Homework 2: Temporal logic ICS-E5010 Computer-Aided Verification and Synthesis, Spring 2016 Stavros Tripakis Homework 2: Temporal logic Assigned: January 20, 2016 Due: February 1, 2016 Total: 235 points. 1. (20 points) Two formulae

More information

Visibly Linear Dynamic Logic

Visibly Linear Dynamic Logic Visibly Linear Dynamic Logic Joint work with Alexander Weinert (Saarland University) Martin Zimmermann Saarland University September 8th, 2016 Highlights Conference, Brussels, Belgium Martin Zimmermann

More information

A Hierarchy for Accellera s Property Specification Language

A Hierarchy for Accellera s Property Specification Language A Hierarchy for Accellera s Property Specification Language Thomas Türk May 1st, 2005 Diploma Thesis University of Kaiserslautern Supervisor: Prof. Dr. Klaus Schneider Vorliegende Diplomarbeit wurde von

More information

LTL with Arithmetic and its Applications in Reasoning about Hierarchical Systems

LTL with Arithmetic and its Applications in Reasoning about Hierarchical Systems This space is reserved for the EPiC Series header, do not use it LTL with Arithmetic and its Applications in Reasoning about Hierarchical Systems Rachel Faran and Orna Kupferman The Hebrew University,

More information

Decision Procedures for CTL

Decision Procedures for CTL Decision Procedures for CTL Oliver Friedmann 1 Markus Latte 1 1 Dept. of Computer Science, Ludwig-Maximilians-University, Munich, Germany CLoDeM Edinburgh, 15 July 2010 Introduction to CTL Origin: Emerson

More information

Bounded Synthesis. Sven Schewe and Bernd Finkbeiner. Universität des Saarlandes, Saarbrücken, Germany

Bounded Synthesis. Sven Schewe and Bernd Finkbeiner. Universität des Saarlandes, Saarbrücken, Germany Bounded Synthesis Sven Schewe and Bernd Finkbeiner Universität des Saarlandes, 66123 Saarbrücken, Germany Abstract. The bounded synthesis problem is to construct an implementation that satisfies a given

More information

Łukasz Kaiser Joint work with Diana Fischer and Erich Grädel

Łukasz Kaiser Joint work with Diana Fischer and Erich Grädel Quantitative Systems, Modal Logics and Games Łukasz Kaiser Joint work with Diana Fischer and Erich Grädel Mathematische Grundlagen der Informatik RWTH Aachen AlgoSyn, February 28 Quantitative Systems (Łukasz

More information

Büchi Automata and Their Determinization

Büchi Automata and Their Determinization Büchi Automata and Their Determinization Edinburgh, October 215 Plan of the Day 1. Büchi automata and their determinization 2. Infinite games 3. Rabin s Tree Theorem 4. Decidability of monadic theories

More information

Strategy Synthesis for Markov Decision Processes and Branching-Time Logics

Strategy Synthesis for Markov Decision Processes and Branching-Time Logics Strategy Synthesis for Markov Decision Processes and Branching-Time Logics Tomáš Brázdil and Vojtěch Forejt Faculty of Informatics, Masaryk University, Botanická 68a, 60200 Brno, Czech Republic. {brazdil,forejt}@fi.muni.cz

More information

Linear-time Temporal Logic

Linear-time Temporal Logic Linear-time Temporal Logic Pedro Cabalar Department of Computer Science University of Corunna, SPAIN cabalar@udc.es 2015/2016 P. Cabalar ( Department Linear oftemporal Computer Logic Science University

More information

Generating Deterministic ω-automata for most LTL Formulas by the Breakpoint Construction

Generating Deterministic ω-automata for most LTL Formulas by the Breakpoint Construction Generating Deterministic ω-automata for most LTL Formulas by the Breakpoint Construction Andreas Morgenstern, Klaus Schneider and Sven Lamberti Department of Computer Science, University of Kaiserslautern

More information

Automata, Logic and Games. C.-H. L. Ong

Automata, Logic and Games. C.-H. L. Ong Automata, Logic and Games C.-H. L. Ong June 12, 2015 2 Contents 0 Automata, Logic and Games 1 0.1 Aims and Prerequisites............................... 1 0.2 Motivation.....................................

More information

Subsumption of concepts in FL 0 for (cyclic) terminologies with respect to descriptive semantics is PSPACE-complete.

Subsumption of concepts in FL 0 for (cyclic) terminologies with respect to descriptive semantics is PSPACE-complete. Subsumption of concepts in FL 0 for (cyclic) terminologies with respect to descriptive semantics is PSPACE-complete. Yevgeny Kazakov and Hans de Nivelle MPI für Informatik, Saarbrücken, Germany E-mail:

More information

Overview. overview / 357

Overview. overview / 357 Overview overview6.1 Introduction Modelling parallel systems Linear Time Properties Regular Properties Linear Temporal Logic (LTL) Computation Tree Logic syntax and semantics of CTL expressiveness of CTL

More information

Systems Verification. Alessandro Abate. Day 1 January 25, 2016

Systems Verification. Alessandro Abate. Day 1 January 25, 2016 Systems Verification Alessandro Abate Day 1 January 25, 2016 Outline Course setup Intro to formal verification Models - labelled transition systems Properties as specifications - modal logics Model checking

More information

Optimal Bounds in Parametric LTL Games

Optimal Bounds in Parametric LTL Games Optimal Bounds in Parametric LTL Games Martin Zimmermann 1 Institute of Informatics University of Warsaw Warsaw, Poland Abstract Parameterized linear temporal logics are extensions of Linear Temporal Logic

More information

Temporal Logic. Stavros Tripakis University of California, Berkeley. We have designed a system. We want to check that it is correct.

Temporal Logic. Stavros Tripakis University of California, Berkeley. We have designed a system. We want to check that it is correct. EE 244: Fundamental Algorithms for System Modeling, Analysis, and Optimization Fall 2016 Temporal logic Stavros Tripakis University of California, Berkeley Stavros Tripakis (UC Berkeley) EE 244, Fall 2016

More information

Tecniche di Specifica e di Verifica. Automata-based LTL Model-Checking

Tecniche di Specifica e di Verifica. Automata-based LTL Model-Checking Tecniche di Specifica e di Verifica Automata-based LTL Model-Checking Finite state automata A finite state automaton is a tuple A = (Σ,S,S 0,R,F) Σ: set of input symbols S: set of states -- S 0 : set of

More information

Modal and Temporal Logics

Modal and Temporal Logics Modal and Temporal Logics Colin Stirling School of Informatics University of Edinburgh July 26, 2003 Computational Properties 1 Satisfiability Problem: Given a modal µ-calculus formula Φ, is Φ satisfiable?

More information

From Monadic Second-Order Definable String Transformations to Transducers

From Monadic Second-Order Definable String Transformations to Transducers From Monadic Second-Order Definable String Transformations to Transducers Rajeev Alur 1 Antoine Durand-Gasselin 2 Ashutosh Trivedi 3 1 University of Pennsylvania 2 LIAFA, Université Paris Diderot 3 Indian

More information

CHURCH SYNTHESIS PROBLEM and GAMES

CHURCH SYNTHESIS PROBLEM and GAMES p. 1/? CHURCH SYNTHESIS PROBLEM and GAMES Alexander Rabinovich Tel-Aviv University, Israel http://www.tau.ac.il/ rabinoa p. 2/? Plan of the Course 1. The Church problem - logic and automata. 2. Games -

More information

Applied Automata Theory

Applied Automata Theory Applied Automata Theory Roland Meyer TU Kaiserslautern Roland Meyer (TU KL) Applied Automata Theory (WiSe 2013) 1 / 161 Table of Contents I 1 Regular Languages and Finite Automata Regular Languages Finite

More information

Automata, Logic and Games: Theory and Application

Automata, Logic and Games: Theory and Application Automata, Logic and Games: Theory and Application 1. Büchi Automata and S1S Luke Ong University of Oxford TACL Summer School University of Salerno, 14-19 June 2015 Luke Ong Büchi Automata & S1S 14-19 June

More information

Quasi-Weak Cost Automata

Quasi-Weak Cost Automata Quasi-Weak Cost Automata A New Variant of Weakness Denis Kuperberg 1 Michael Vanden Boom 2 1 LIAFA/CNRS/Université Paris 7, Denis Diderot, France 2 Department of Computer Science, University of Oxford,

More information

Lecture Notes on Classical Modal Logic

Lecture Notes on Classical Modal Logic Lecture Notes on Classical Modal Logic 15-816: Modal Logic André Platzer Lecture 5 January 26, 2010 1 Introduction to This Lecture The goal of this lecture is to develop a starting point for classical

More information

A Logical Characterization for Weighted Event-Recording Automata

A Logical Characterization for Weighted Event-Recording Automata A Logical Characterization for Weighted Event-Recording Automata June 23, 2009 Karin Quaas Institut für Informatik, Universität Leipzig 04009 Leipzig, Germany quaas@informatik.uni-leipzig.de Abstract.

More information

Advanced Automata Theory 7 Automatic Functions

Advanced Automata Theory 7 Automatic Functions Advanced Automata Theory 7 Automatic Functions Frank Stephan Department of Computer Science Department of Mathematics National University of Singapore fstephan@comp.nus.edu.sg Advanced Automata Theory

More information

Model Checking LTL with Regular Valuations for Pushdown Systems 1

Model Checking LTL with Regular Valuations for Pushdown Systems 1 Model Checking LTL with Regular Valuations for Pushdown Systems 1 Javier Esparza Division of Informatics University of Edinburgh Edinburgh EH9 3JZ United Kingdom E-mail: jav@dcs.ed.ac.uk and Antonín Kučera

More information

Propositional Calculus - Semantics (3/3) Moonzoo Kim CS Dept. KAIST

Propositional Calculus - Semantics (3/3) Moonzoo Kim CS Dept. KAIST Propositional Calculus - Semantics (3/3) Moonzoo Kim CS Dept. KAIST moonzoo@cs.kaist.ac.kr 1 Overview 2.1 Boolean operators 2.2 Propositional formulas 2.3 Interpretations 2.4 Logical Equivalence and substitution

More information

On the Succinctness of Nondeterminizm

On the Succinctness of Nondeterminizm On the Succinctness of Nondeterminizm Benjamin Aminof and Orna Kupferman Hebrew University, School of Engineering and Computer Science, Jerusalem 91904, Israel Email: {benj,orna}@cs.huji.ac.il Abstract.

More information

Introduction to Temporal Logic. The purpose of temporal logics is to specify properties of dynamic systems. These can be either

Introduction to Temporal Logic. The purpose of temporal logics is to specify properties of dynamic systems. These can be either Introduction to Temporal Logic The purpose of temporal logics is to specify properties of dynamic systems. These can be either Desired properites. Often liveness properties like In every infinite run action

More information

On Model Checking Techniques for Randomized Distributed Systems. Christel Baier Technische Universität Dresden

On Model Checking Techniques for Randomized Distributed Systems. Christel Baier Technische Universität Dresden On Model Checking Techniques for Randomized Distributed Systems Christel Baier Technische Universität Dresden joint work with Nathalie Bertrand Frank Ciesinski Marcus Größer / 6 biological systems, resilient

More information

Transformation Between Regular Expressions and ω-automata

Transformation Between Regular Expressions and ω-automata Transformation Between Regular Expressions and ω-automata Christof Löding 1 and Andreas Tollkötter 2 1 RWTH Aachen, Lehrstuhl für Informatik 7, 52056 Aachen, Germany loeding@informatik.rwth-aachen.de 2

More information

Course Runtime Verification

Course Runtime Verification Course Martin Leucker (ISP) Volker Stolz (Høgskolen i Bergen, NO) INF5140 / V17 Chapters of the Course Chapter 1 Recall in More Depth Chapter 2 Specification Languages on Words Chapter 3 LTL on Finite

More information

LTL and CTL. Lecture Notes by Dhananjay Raju

LTL and CTL. Lecture Notes by Dhananjay Raju LTL and CTL Lecture Notes by Dhananjay Raju draju@cs.utexas.edu 1 Linear Temporal Logic: LTL Temporal logics are a convenient way to formalise and verify properties of reactive systems. LTL is an infinite

More information

Quantitative Verification

Quantitative Verification Quantitative Verification Chapter 3: Markov chains Jan Křetínský Technical University of Munich Winter 207/8 / 84 Motivation 2 / 84 Example: Simulation of a die by coins Knuth & Yao die Simulating a Fair

More information

On the coinductive nature of centralizers

On the coinductive nature of centralizers On the coinductive nature of centralizers Charles Grellois INRIA & University of Bologna Séminaire du LIFO Jan 16, 2017 Charles Grellois (INRIA & Bologna) On the coinductive nature of centralizers Jan

More information

Relational Interfaces and Refinement Calculus for Compositional System Reasoning

Relational Interfaces and Refinement Calculus for Compositional System Reasoning Relational Interfaces and Refinement Calculus for Compositional System Reasoning Viorel Preoteasa Joint work with Stavros Tripakis and Iulia Dragomir 1 Overview Motivation General refinement Relational

More information

Tree Automata and Rewriting

Tree Automata and Rewriting and Rewriting Ralf Treinen Université Paris Diderot UFR Informatique Laboratoire Preuves, Programmes et Systèmes treinen@pps.jussieu.fr July 23, 2010 What are? Definition Tree Automaton A tree automaton

More information

Lecture 9 Synthesis of Reactive Control Protocols

Lecture 9 Synthesis of Reactive Control Protocols Lecture 9 Synthesis of Reactive Control Protocols Nok Wongpiromsarn Singapore-MIT Alliance for Research and Technology Richard M. Murray and Ufuk Topcu California Institute of Technology EECI, 16 May 2012

More information

Logic in Automatic Verification

Logic in Automatic Verification Logic in Automatic Verification Javier Esparza Sofware Reliability and Security Group Institute for Formal Methods in Computer Science University of Stuttgart Many thanks to Abdelwaheb Ayari, David Basin,

More information

LOGIC PROPOSITIONAL REASONING

LOGIC PROPOSITIONAL REASONING LOGIC PROPOSITIONAL REASONING WS 2017/2018 (342.208) Armin Biere Martina Seidl biere@jku.at martina.seidl@jku.at Institute for Formal Models and Verification Johannes Kepler Universität Linz Version 2018.1

More information

The State Explosion Problem

The State Explosion Problem The State Explosion Problem Martin Kot August 16, 2003 1 Introduction One from main approaches to checking correctness of a concurrent system are state space methods. They are suitable for automatic analysis

More information

Chapter 5: Linear Temporal Logic

Chapter 5: Linear Temporal Logic Chapter 5: Linear Temporal Logic Prof. Ali Movaghar Verification of Reactive Systems Spring 94 Outline We introduce linear temporal logic (LTL), a logical formalism that is suited for specifying LT properties.

More information

arxiv: v1 [cs.lo] 17 Jun 2014

arxiv: v1 [cs.lo] 17 Jun 2014 On MITL and alternating timed automata over infinite words Thomas Brihaye 1, Morgane Estiévenart 1, and Gilles Geeraerts 2 1 UMons, Belgium, 2 U.L.B., Belgium arxiv:1406.4395v1 [cs.lo] 17 Jun 2014 Abstract.

More information

arxiv: v2 [cs.lo] 22 Jul 2017

arxiv: v2 [cs.lo] 22 Jul 2017 Tableaux for Policy Synthesis for MDPs with PCTL* Constraints Peter Baumgartner, Sylvie Thiébaux, and Felipe Trevizan Data61/CSIRO and Research School of Computer Science, ANU, Australia Email: first.last@anu.edu.au

More information

Inducing syntactic cut-elimination for indexed nested sequents

Inducing syntactic cut-elimination for indexed nested sequents Inducing syntactic cut-elimination for indexed nested sequents Revantha Ramanayake Technische Universität Wien (Austria) IJCAR 2016 June 28, 2016 Revantha Ramanayake (TU Wien) Inducing syntactic cut-elimination

More information

Chapter 4: Computation tree logic

Chapter 4: Computation tree logic INFOF412 Formal verification of computer systems Chapter 4: Computation tree logic Mickael Randour Formal Methods and Verification group Computer Science Department, ULB March 2017 1 CTL: a specification

More information

T Reactive Systems: Temporal Logic LTL

T Reactive Systems: Temporal Logic LTL Tik-79.186 Reactive Systems 1 T-79.186 Reactive Systems: Temporal Logic LTL Spring 2005, Lecture 4 January 31, 2005 Tik-79.186 Reactive Systems 2 Temporal Logics Temporal logics are currently the most

More information

Löwenheim-Skolem Theorems, Countable Approximations, and L ω. David W. Kueker (Lecture Notes, Fall 2007)

Löwenheim-Skolem Theorems, Countable Approximations, and L ω. David W. Kueker (Lecture Notes, Fall 2007) Löwenheim-Skolem Theorems, Countable Approximations, and L ω 0. Introduction David W. Kueker (Lecture Notes, Fall 2007) In its simplest form the Löwenheim-Skolem Theorem for L ω1 ω states that if σ L ω1

More information

Failure Diagnosis of Discrete Event Systems With Linear-Time Temporal Logic Specifications

Failure Diagnosis of Discrete Event Systems With Linear-Time Temporal Logic Specifications Failure Diagnosis of Discrete Event Systems With Linear-Time Temporal Logic Specifications Shengbing Jiang and Ratnesh Kumar Abstract The paper studies failure diagnosis of discrete event systems with

More information

Description Logics. Deduction in Propositional Logic. franconi. Enrico Franconi

Description Logics. Deduction in Propositional Logic. franconi. Enrico Franconi (1/20) Description Logics Deduction in Propositional Logic Enrico Franconi franconi@cs.man.ac.uk http://www.cs.man.ac.uk/ franconi Department of Computer Science, University of Manchester (2/20) Decision

More information

Temporal logics and model checking for fairly correct systems

Temporal logics and model checking for fairly correct systems Temporal logics and model checking for fairly correct systems Hagen Völzer 1 joint work with Daniele Varacca 2 1 Lübeck University, Germany 2 Imperial College London, UK LICS 2006 Introduction Five Philosophers

More information
2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback